{"id":"PYSEC-2022-227","details":"Bottle before 0.12.20 mishandles errors during early request binding.","aliases":["CVE-2022-31799","GHSA-xhp9-4947-rq78"],"modified":"2023-11-08T04:09:33.129718Z","published":"2022-06-02T14:15:00Z","references":[{"type":"WEB","url":"https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20"},{"type":"FIX","url":"https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00"},{"type":"FIX","url":"https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5159"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-xhp9-4947-rq78"}],"affected":[{"package":{"name":"bottle","ecosystem":"PyPI","purl":"pkg:pypi/bottle"},"ranges":[{"type":"GIT","repo":"https://github.com/bottlepy/bottle","events":[{"introduced":"0"},{"fixed":"e140e1b54da721a660f2eb9d58a106b7b3ff2f00"},{"fixed":"a2b0ee6bb4ce88895429ec4aca856616244c4c4c"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.12.20"}]}],"versions":["0.10.1","0.10.10","0.10.11","0.10.12","0.10.2","0.10.3","0.10.4","0.10.5","0.10.6","0.10.7","0.10.8","0.10.9","0.11.1","0.11.2","0.11.3","0.11.4","0.11.5","0.11.6","0.11.7","0.12.1","0.12.10","0.12.11","0.12.12","0.12.13","0.12.14","0.12.15","0.12.16","0.12.17","0.12.18","0.12.19","0.12.2","0.12.3","0.12.4","0.12.5","0.12.6","0.12.7","0.12.8","0.12.9","0.4.10","0.4.11","0.4.12","0.4.13","0.4.14","0.4.3","0.4.4","0.4.6","0.4.7","0.4.8","0.4.9","0.5.3","0.5.4","0.5.6","0.5.7","0.5.8","0.6.0","0.6.1","0.6.2","0.6.3","0.6.4","0.6.5","0.6.6","0.8.1","0.8.2","0.8.3","0.8.4","0.8.5","0.9.1","0.9.2","0.9.3","0.9.4","0.9.5","0.9.6","0.9.7","0.9.8"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/bottle/PYSEC-2022-227.yaml"}}],"schema_version":"1.7.3"}